OMB to update old cybersecurity guidelines

By FCW Staff

Jun 01, 2012

The Office of Management and Budget is eying a 10-year-old set of cybersecurity guidelines for revision, according to Federal News Radio.

Three former employees offered to make recommendations regarding a potential revision to Circular A-130, and especially Appendix III, which covers cybersecurity, writes Jason Miller. They are Karen Evans, the former OMB administrator for e-government and IT; Dan Chenok, a former branch chief with OMB's Office of Information and Regulatory Affairs; and Frank Reeder, who held several positions with the agency. The former employees learned that OMB was considering making changes, Chenok told FCW.

"It was our view that a lot could be done using existing authorities," Reeder said during a presentation Thursday at the Information Security and Privacy Advisory Board meeting at the National Institute of Standards and Technology headquarters in Gaithersburg, Md., quoted in Miller's article "We've been engaged in conversations with a number of folks inside the executive branch, who have been very supportive of what we are doing, and they are certainly interested in what we have to say as it supports the work that is already underway at OMB to revise the circular."

A two-year campaign that prompted the Department of Homeland Security to issue its first-ever emergency directive to agencies to shore up cyber defenses appears in part to have been an attempt to spy on U.S. government internet traffic.